Thursday, August 7, 2008

If you are having trouble running or installing applications on your VPS, one good way to find the source of the problem is to use the special file/proc/user_beancounters which shows the resource control information about running virtual environments.

To view /proc/user_beancounters on your VPS, login to your VPS via SSH.In the SSH Terminal you will type:

cat /proc/user_beancounters

Then hit Enter.

After you hit Enter, you should see something that looks similar to the following:

If you look at the top line where you see uid to the left of it, that line is the field that displays the numeric identifier of the Virtual Environment.

The field held shows the current counter for the Virtual Environment (resource "usage").The field maxheld shows the counter's maximum for the lifetime of the Virtual Environment. The lifetime of the Virtual Environment is usually just the time between the start and stop of your VPS.The barrier and limit fields are resource control settings. For some parameters only one of them may be used, for others, both. These fields may display resource limits or guarantees, and the exact meaning of them is parameter-specific.The field failcnt shows the number of refused "resource allocations" for the lifetime of the Virtual Environment. Failcnt counter is increased only for accounting parameters.The field failcnt is the field you will be looking at for errors.

If you look at the example above, you will see that the parameter kmemsize has a failcnt of 129. That is because in this example, the VPS did not have enough memory available to install an application. Therefore, the failcnt counter recorded the 129 memory failures, next to the parameter kmemsize in it's /proc/user_beancounters file. We know the problem was memory since the failcnt next to kmemsize increased after trying to install the application.

In this article, we will concentrate on the following parameters:

kmemsizeThis is the parameter that shows the size of unswappable memory, allocated by the operating system kernel. If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

lockedpagesThis is process pages not allowed to be swapped out. The size of these pages is also accounted into kmemsize. Note that typical server applications like Web, FTP, and mail servers do not use memory locking features. If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

privvmpagesThis is the memory allocation limit. This parameter allows controlling the amount of memory allocated by applications. If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

shmpagesThis is the total size of the shared memory (IPC, shared anonymous mappings and tmpfs objects). These pages are also accounted into privvmpages. Its configuration affects functionality and resource shortage reaction of the applications in the given Virtual Environments only. Again, If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

physpagesThis is the total number of RAM pages used by processes in this virtual environment. Unlike other accounting methods, the sum of physpages usage for all Virtual Environments yields to the total number of pages used in the system by all Virtual Environments. This is currently an accounting-only parameter. It does not set any limits or barriers. If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

vmguarpagesThis parameter controls how much memory is available to the Virtual Environment. The vmguarpages parameter does not have its own accounting. The current amount of allocated memory is accounted into another parameter (privvmpages). If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

oomguarpagesThis is the guaranteed amount of memory in case the memory is "over-booked" (out-of-memory kill guarantee). The failcnt counter of oomguarpages parameter increases when a process in this Virtual Environment is killed because of an out-of-memory situation, but not when the barrier is reached. Again, If the failcnt value increases on this parameter, most likely there is not a sufficient amount of memory available to run the application.

numfileThis is the number of "files" in use, including real files, sockets and pipes. The configuration of this parameter affects functionality and resource shortage reaction of applications in the given Virtual Environment only. If the failcnt value increases on this parameter, you are trying to have too many files open at once.

----------------------------------------------------------Login as the root using ssh

/scripts/easyapache

you should see a menu on screen asking you which options you would likebuilt into your apache install. Select options as per yourrequirements. Once it has completed it will automatically restart Apache for youand you will then be able to use the new features.

----------------------------------------------------------

NB:-you can also use EasyApache by logging into the WHM interface,going to the “Software” section then clicking on “Apache Update.”Note that you may want to “Load Previous Config” as your first stepto load your server’s existing configuration so you have a good ideaof what is currently on the server as you customize Apache and PHP.##################################### enable file and directory indexing####################################Q. How do I enable apache file and directory indexing? Currently it isdisabled and I would like to enable the same for /pdfs/ directory(http://domain.com/pdfs).

You can place config line Options Indexes in .htaccess file. Make sure.htaccess file support is enabled.Change directory to pdfs$ cd pdfsOpen .htaccess file$ vi .htaccessAppend following apache directive:Options IndexesSave and close the file.---------------------------------------------------------------------------------------------------------------

############################################################################### Forbidden - You don’t have permission to access this page error andsolution##############################################################################Q. Why I am getting this error message? I am using Apache web serverand my directory is located at /home/myname/public_html.

-------------------------------------------------------------------------------A. The permissions on your Web page are not correct. Login over sshsession and use chmod command to setup correct permission. Go to directory(for example public_html or /var/www/sitename.com/dir/) and type thefollowing command

$ chmod 755 *.*

OR

$ chmod o+x ./

If you have more subdirectories use -R option:$ chmod -R 755 *.*

If you have access to Apache configuration file check out for thesetips to get rid of Apache 403 forbidden error.

-------------------------------------------------------------------------------################ 403 forbidden###############Sounds like the permissions or ownership on public_html may be setwrong.

-------------------------------------------------That could possible be caused by mod_dosevasive/mod_evasive. If you'reusing it in httpd.conf try disabling the module load lines (2) andrestart httpd.############################################################## prevent hot linking or leeching of images using mod_rewrite#############################################################Q. My site hosts lots of good images and other site hot links to myimages from their own site. Hot linking is eating lots of my bandwidth.How do I stop leechers?

A. This is problem you may encounter, particularly if your site hostsunique images. However solution is quite simple ban image hot linkingusing Apache mod_rewrite to check the referral information the browserprovides.How do I prevent hot linking of images?

There are many ways to block hot linking of images.

You can add any one of the following code to .htaccess file or to yourown httpd.conf file to prevent.

Unless the image is displayed on cyberciti.biz, browers would see theimage noop.jpg. Replace domain cyberciti.biz and upload noop.jpg towebroot.

If you made changes to httpd.conf file; restart Apache:# /etc/init.d/httpd restart

---------------------------------------------------------------------------------------------------################################# name based VirtualHost example################################Q. Can you give or specify an example for Apache name based VirtualHostfeature?

A. The term Virtual Host refers to the practice of maintaining morethan one web site on one Apache machine or server.

The NameVirtualHost directive is a required directive if you want toconfigure name-based virtual hosts.

With the NameVirtualHost directive you specify the IP address on whichthe server will receive requests for the name-based virtual hosts. Thiswill usually be the address to which your name-based virtual hostnames resolve.

For example if your IP address is 203.54.2.5. Set it as follows inhttpd.conf file:# vi /etc/httpd/conf/httpd.confSet NameVirtualHost as follows:NameVirtualHost 203.54.2.5:80Let us see how your virtual host entry looks for two domains calledtheos.in and nixcraft.com . Code for theos.in domain:ServerAdmin webmaster@theos.inDocumentRoot /var/www/theos.inServerName theos.inServerAlias www.theos.inErrorLog /var/logs/httpd/theos.in/error_logCustomLog /var/logs/httpd/theos.in/access_log common

Make sure both domains theos.in and nixcraft.com points to (A address)203.54.2.5. Also make sure you create /var/logs/httpd/domain-namedirectories and point ftp user directory to appropriate /var/www/domain-namedirectory.######################################################################################### Address already in use: make_sock: could not bind to port 80 or 443error and solution########################################################################################Q. How do I fix an error, while restarting Apache ~ Address already inuse: make_sock: could not bind to port 80?

A. If you are running SELinux disable temporary for port 80.Apache Address already in use: make_sock: could not bind to port 80error and solution

First make sure port 80/443 is not used by any other service orapplication with netstat command:

# netstat -tulpn| grep :80

If port 80 is bind to httpd, kill all process:# killall -9 httpd

Now start the httpd:# /etc/init.d/httpd start

Also make sure you are root while starting the httpd.############################################## change a default page other than index.html#############################################Q. How do I display or change a default page other than index.html orindex.php under Apache web server?

A. You need to use DirectoryIndex directive under Apache to set adefault page other than index.html or index.php.

The DirectoryIndex directive sets the list of resources or file to lookfor, when the client requests an index of the directory by specifyinga / at the end of a directory name.

Open your Apache configuration file httpd.conf# vi httpd.conf

Find out line that read as follows:DirectoryIndex

Now set it as per your requirements:DirectoryIndex index.html index.htm default.htm index.php index.pl

Save and close the file. Restart the Apache webs server:# /etc/init.d/httpd restart

Please note that if you donâ€™t have access to Apacheconfiguration file. Add DirectoryIndex to .htaccess file.

You can also specify php or pl dynamic script. Also note that thedocuments do not need to be relative to the directory. Consider followingexampleDirectoryIndex index.html index.pl /nav/index.php

Above would cause the php script /nav/index.php to be executed ifneither index.html or index.pl existed in a directory.############################################ Server Side Include (SSI) is not working?###########################################Q. I would like to use Server Side Include (SSI) from my html pages.But it is not working for VirtualHost. How do I configure Apache ServerSide Include?

A. From Aapache site, “SSI (Server Side Includes) are directives thatare placed in HTML pages, and evaluated on the server while the pagesare being served. They let you add dynamically generated content to anexisting HTML page, without having to serve the entire page via a CGIprogram, or other dynamic technology”.

Make sure you have following configuration directive/line in your.htaccess or httpd.conf file:

----------mod_security off-------------SecFilterEngine OffSecFilterScanPOST Off-------------------------------############################################################################# Using Find to change permissions. Fixing php suexec internal servererrors############################################################################Make sure this is only done in the public_html directory or a directoryinside the public_html. If this is done above this, it will causeproblems.

*Change the ownership of the files so that the are set correctly.chown `pwd|cut -d/ -f3`.`pwd|cut -d/ -f3` -R .########################################## php parsing for HTML files on phpsuexec#########################################php parsing for HTML files on phpsuexec--------------------------------------------------The .htaccess code :

“AddType application/x-httpd-php .html”

no longer works on phpsuexec’d servers. You need to use the followingcode instead of that one :

4. The next step is to add the domain to the Apache configuration. Youcan use any text editor that you are familiar with to open/etc/httpd/conf/httpd.conf and add the following section at the end:

# Replace 1.2.3.4 with the IP address of your serverDocumentRoot /home/testuser/testdomain.com/htdocsServerName testdomain.comServerAlias www.testdomain.comScriptAlias /cgi-bin/ /home/testuser/testdomain.com/cgi-bin/CustomLog /home/testuser/testdomain.com/logs/access.logErrorLog /home/testuser/testdomain.com/logs/error.log** If you do not have DNS set up for this domain, or DNS is pointing toanother server, add the following to your httpd.conf before yourVirtualHost. This will allow you to view the new site athttp://1.2.3.4/testdomain.com/ before DNS is working **ServerName 1_2_3_4DocumentRoot /var/www/htmlAlias /testdomain.com/ /home/testuser/testdomain.com/5. After you add the VirtualHost section and save the httpd.conf, youmust restart httpd in order for your changes to take effect:

6. Check if your new site is working. You can usehttp://www.testdomain.com if the DNS is pointing to your server orhttp://1.2.3.4/testdomain.com/ if DNS is not setup yet.

######################## Modify suspended page#######################Modify the suspended page------------------------------------If you need to suspend an account at any time, you may want to changethe default suspended page offered through cPanel. You may want to brandit or change the page to something which will say something other thanaccount suspended. To modify the suspended page, please do thefollowing:

1. Create an HTML page that appears exactly how you would like it tobe.2. Click on Modify Suspended Account Page in the Account Functionsmenu.3. Copy and paste the HTML code of your modified page over the contentof the default Suspended Account page4. Click on the Save button.

1.VPS---------A virtual private server (also referred to as virtual dedicated serveror virtual server, and abbreviated VPS or VDS) is a method ofpartitioning one physical server computer into multiple servers thateach has the appearance and capabilities of running on its owndedicatedmachine. Each virtual server can run its own full-fledged operatingsystem, and each server can be independently rebooted.You can find more information about VPS athttp://en.wikipedia.org/wiki/Virtual_private_server-----------------------------------------------------------------------------------------------

The service chksrvd is always running on your VPS, that will check forany service failures and restart them. The services will be alwaysrestarted unless they have a major fault with the configuration.-----------------------------------------------------------------------------------------------

Configuration Commands-------------------------------------------1) vzctl set VPS_ID –hostname vps.domain.com –save: To set theHostname of a VPS.2) vzctl set VPS_ID –ipadd 1.2.3.4 –save : To add a new IP to thehosting VPS.3) vzctl set VPS_ID –ipdel 1.2.3.4 –save : To delete the IP fromVPS.4) vzctl set VPS_ID –userpasswd root:new_password –save : to resetroot password of a VPS.5) vzctl set VPS_ID –nameserver 1.2.3.4 –save : To add thenameserver IP’s to the VPS.6) vzctl exec VPS_ID command : To run any command on a VPS from Node.7) vzyum VPS_ID install package_name : To install any package/Softwareon a VPS from Node.

Here VPS_ID refers to the ID of the Particular VPS.------------------------------------------------------------------------------------------------------------------------------------------------------

Note : If you are not worried about the directory security whenaccessing symbolic links, turn on FollowSymLinks and turn offSymLinksIfOwnerMatch to prevent additional lstat() system calls from being made:

################################ Virtuozzo Power Panels (VZPP)###############################Virtuozzo Power Panel?--------------------------------Virtuozzo Power Panels (VZPP) is a powerful web-based recovery andadministration tool, intended for use by VPS owners. VZPP can be used on astandalone basis or within the Plesk interface. With VZPP, a user withadministrative access to a VPS can easily perform many criticalmanagement tasks:

VPS Start/Stop/RebootStart, stop, fast stop and restart the VPS

VPS Services ManagementManage VPS services and processes such as stopping an offending task orrestarting a service

Q: I am existing customer do I have access to VZPP?A: Most of clients are already have access to VZPP. VZPP accessible via4643 port. Example: If your main VPS server IP 64.202.123.197, VZPPwould be accessible as:

But there are a number of servers with outdated virtuozzo managementsoftware, that does not support VZPP and cannot be updated. These clientswill be migrated to new VPS servers with latest software withinseveral next months. If you would like to migrate now, please contactmigration@hostforweb.com